I’ve set up REST so they can upload data. I’ve given them permissions on the workspaces. All works well. But I have one major concern: none of these users will want the other users seeing, accessing or even knowing what data they have in their workspaces. When adding a store the Connection Parameters URL ‘Browse’ option allows complete viewing of the data_directory, home directory and drives and data in these other directories can be uploaded.
I can ‘hide’ all the folders in these directories so users can’t access them but is there a tidier way to remove the ‘browse’ option completely. As I’m getting my users to cURL via REST I’d be happy to deactivate the ‘Add Store’ just as the ‘Add Workspace’ option is.
I’ve seen others curious in allowing external users access/control. I hope that I’ve identified something useful to the community.
[Windows 2008 Srvr / Java 1.7.0_09-b05 64bit / GS 2.2-SNAPSHOT (in OpenGeo 3.0.2) (Same issue occurs with separate GS2.2.2)]
···
–
Richard “Abe” CoughlinSPATIAL DATA & APPLICATIONS SPECIALIST
Pacific Islands Ocean Observing System
University of Hawaii 1-808-956-0822
www.pacioos.org
On Fri, Mar 29, 2013 at 2:13 AM, Richard (Abe) Coughlin <rac88@anonymised.com> wrote:
I’ve set up REST so they can upload data. I’ve given them permissions on the workspaces. All works well. But I have one major concern: none of these users will want the other users seeing, accessing or even knowing what data they have in their workspaces. When adding a store the Connection Parameters URL ‘Browse’ option allows complete viewing of the data_directory, home directory and drives and data in these other directories can be uploaded.
I can ‘hide’ all the folders in these directories so users can’t access them but is there a tidier way to remove the ‘browse’ option completely. As I’m getting my users to cURL via REST I’d be happy to deactivate the ‘Add Store’ just as the ‘Add Workspace’ option is.
I’ve seen others curious in allowing external users access/control. I hope that I’ve identified something useful to the community.
There is no provision for limiting which part of the data directory you can see, although I understand that might be desirable.
Patches welcomed.
[Windows 2008 Srvr / Java 1.7.0_09-b05 64bit / GS 2.2-SNAPSHOT (in OpenGeo 3.0.2) (Same issue occurs with separate GS2.2.2)]
Questions about the OpenGeo suite should be directed to their support forum
(https://getsatisfaction.com/opengeo/products/opengeo_opengeo_suite), this community
only supports vanilla GeoServer
Cheers
Andrea
–
Ing. Andrea Aime
@geowolf
Technical Lead
GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549
http://www.geo-solutions.it
http://twitter.com/geosolutions_it